kernel: Activate CONFIG_LIST_HARDENED

Activate the kernel option CONFIG_LIST_HARDENED for all targets.
This adds some inline checks to list_add() and list_del() operations
in the kernel. Before kernel 6.6 these checks were only available with
CONFIG_DEBUG_LIST option, but now a light version is available which
should only add very few extra instructions to such operations.

The performance penalty is very low from my point of view. It should
make it much harder to use bugs in Linux kernel list handling when
exploiting the Linux kernel.

Link: https://github.com/openwrt/openwrt/pull/16189
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

diff --git a/target/linux/generic/config-6.6 b/target/linux/generic/config-6.6
index cce30e10973b94b07a402f11cde3ec01d4c374e5..c169e107dfda2ffd16436b003b89b3c4020443d1 100644 (file)
--- a/target/linux/generic/config-6.6
+++ b/target/linux/generic/config-6.6
@@ -3114,7 +3114,7 @@ CONFIG_LINEAR_RANGES=y
 # CONFIG_LIQUIDIO is not set
 # CONFIG_LIQUIDIO_VF is not set
 # CONFIG_LIRC is not set
-# CONFIG_LIST_HARDENED is not set
+CONFIG_LIST_HARDENED=y
 # CONFIG_LITEX_LITEETH is not set
 # CONFIG_LITEX_SOC_CONTROLLER is not set
 # CONFIG_LIVEPATCH is not set